Image sharing system

ABSTRACT

A server system for distributing information securely includes a network interface for receiving, over a network, an information object accompanied by metadata. A repository stores the information object. Metadata is mapped to electronic addresses of trusted recipients. A processor is configured to generate a link for accessing the information object in the repository, acquire an electronic address of a trusted recipient based on the metadata accompanying the information object, insert the link into an electronic message addressed to the electronic address of the trusted recipient, and send the electronic message with the link to the trusted recipient. The processor is further configured to receive, over a second network, a request for the information object sent from a user device in response to an activation of the link, retrieve the information object from the repository, and transmit the information object to a browser of the user device over the second network.

RELATED APPLICATIONS

This application is a national stage application under 35 U.S.C 371 ofPCT Application No. PCT/US 2013070473, having an international filingdate of Nov. 18, 2013, wich designated the United States which PCTapplication claims the benefit of and priority to U.S. ProvisionalApplication No. 61/727,856, filed Nov. 19, 2012, titled “Image Sharing”,and U.S. Provisional Application No. 61/728,301, filed Nov. 20, 2012,titled “Image Sharing System”, the entireties of which applications areincorporated by reference herein.

FIELD OF THE INVENTION

The invention relates generally to systems and methods for securelysharing images.

BACKGROUND

The sharing of electronic health records (EHRs) and personal healthrecords (PHRs) can provide many benefits for health care providers andtheir patients. With the sharing of EHRs and PHRs, health care generallyimproves. The sharing of EHRs and PHRs leads to complete and accurateinformation, improved access to such information, and empowerment of thepatient, who can take an active role in their health by receivingelectronic copies of their medical records. Within a radiologicalenvironment, for instance, the Digital Imaging Communications inMedicine (DICOM) standard was developed to promote communication ofdigital image information. The DICOM standard defines the structure ofradiological objects, such as images, reports, measurements and otherpatient documentation, and the manner in which such radiological objectsare exchanged. However, before one can fully reap the benefits ofelectronically sharing EHRs, any system designed to exchange medicalrecords needs to take into consideration that such records containhighly confidential and sensitive information.

To help protect the highly confidential and sensitive nature ofexchanged health information among healthcare participants, the Officeof the National Coordinator for Health Information Technology developedthe Direct Secure Messaging (Direct) standards. In brief, Direct is asecure electronic communication service by which health care personnelcan send authenticated, encrypted health information directly to known,trusted recipients. Direct operates like electronic mail (email) withsecurity features, such as point-to-point encryption.

SUMMARY

In one aspect, the invention features a server system for securelydistributing information. The server system comprises a networkinterface receiving, over a network, an information object accompaniedby metadata. A repository stores the information object. Mapping meansmaps metadata to electronic addresses of trusted recipients. A processoris configured to generate a link for accessing the information object inthe repository, to acquire an electronic address of a trusted recipientfrom the lookup table based on the metadata accompanying the receivedinformation object, to insert the link into an electronic messageaddressed to the electronic address of the trusted recipient, and tosend the electronic message with the link to the electronic address ofthe trusted recipient.

In another aspect, the invention features a method of securelydistributing information. The method comprises receiving, over anetwork, an information object accompanied by metadata. The informationobject is stored in a repository. A link is generated for accessing theinformation object in the repository. The metadata accompanying theinformation object is mapped to an electronic address of a trustedrecipient. The link is inserted into an electronic message, and theelectronic message with the link is securely sent to the electronicaddress of the trusted recipient.

In still another aspect, the invention features a computer programproduct for distributing information securely. The computer programproduct comprises a computer readable non-transitory storage mediumhaving computer readable program code embodied therewith. The computerreadable program code comprises computer readable program code that, ifexecuted, receives an information object accompanied by metadata over anetwork;

computer readable program code that, if executed, stores the informationobject in a repository; computer readable program code that, ifexecuted, generates a link for accessing the information object in therepository; computer readable program code that, if executed, maps themetadata accompanying the information object to an electronic address ofa trusted recipient; computer readable program code that, if executed,inserts the link into a secure electronic message; and computer readableprogram code that, if executed, sends the secure electronic message withthe link to the electronic address of the trusted recipient.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and further advantages of this invention may be betterunderstood by referring to the following description in conjunction withthe accompanying drawings, in which like numerals indicate likestructural elements and features in various figures. The drawings arenot necessarily to scale, emphasis instead being placed uponillustrating the principles of the invention.

FIG. 1 is a diagram of an embodiment of a secure image-sharing systemincluding an image-sharing server system in communication between ahealthcare facility and a plurality of user devices.

FIG. 2 is a diagram of an embodiment of the image-sharing server systemcomprised of a core services module, a secure messaging module, an imagerepository, and a Web communication module.

FIG. 3 is a flow diagram of an embodiment of a process for securelydistributing studies and images to a known, trusted recipient.

DETAILED DESCRIPTION

Image-sharing servers described herein facilitate secure streaming andviewing of images. Such image-sharing servers can be part of anelectronic health record (EHR) system used to share medical images in amanner that qualifies as “Meaningful Use” both inside and outside of aninstitution, such as a healthcare facility. In general, “Meaningful Use”refers to a set of standards, defined by the Centers for Medicare &Medicaid Services (CMS) Incentive Programs governing the use ofelectronic health records. Healthcare providers that meet specificcriteria become eligible to earn incentive payments. Meaningful Useobjectives have three stages with various criteria. Meaningful Use Stage2 (MU2) criteria include rigorous health information exchange (HIE) andthe electronic transmission of patient care summaries across multiplesettings.

The aforementioned secure messaging system, Direct, has a shortcoming inthat the Direct standards do not accommodate the attachment of largefiles (e.g., 1 GB, 2 GB) or payloads that change continuously to asecure electronic message. This presents a limitation to the sharing ofthose EHRs that include one or more sizable images or studies (i.e.,series of images) or have continuously changing data, such as thatproduced by physiologic monitors (e.g., implantable cardiacdefibrillators). The image-sharing servers described herein provide amechanism by which such images can be securely acquired over a differentpathway or channel from that taken by the secure messages, therebyavoiding the attachment size limitation of the secure messaging system,while still satisfying the MU2 criteria.

In brief overview, the embodiments of image-sharing servers describedherein receive and store protected resources, such as an image, orseries of images, and generate links for accessing such protectedresources. The link is included in a secure (e.g., Direct) email messageand sent with an MU2 EHR to a trusted recipient, for example, a staffmember. The trusted recipient can then forward the email with the linkto another person, using a second secure email message. The original andsecond secure email message resides in MU2-compliant inboxes awaitingviewing. When a recipient activates the link, the image-sharing serverstreams the associated image or series of images to the browser of therecipient's device. Any electronic device with a browser can serve toview the images. The streaming of each image can occur using a securecommunication protocol, such as https.

FIG. 1 shows an embodiment of a secure image-sharing system 10 includingan image-sharing server system 12 in communication with an enterprise14, such as a healthcare facility, and with a plurality of user devices16-1, 16-2 (generally, user device 16) over a network 18. Although shownexternal to the enterprise 14, the image-sharing server system 12 can bepart of the enterprise 14.

The enterprise 14 includes one or more sources 20-1, 20-2 (generally,source 20) of information objects 22 (that is, secure objects, e.g.,images, image series, and structured reports) and a repository 24coupled to a local network (e.g., a LAN, TCP/IP, Ethernet) 26 forstoring the information objects 22. Each source 20 can be any electronicequipment capable of capturing and transferring images over the network26, for example, a radiological or computerized tomography (CT) scanningsystem. For illustration purposes, the source 20-1 produces informationobjects 22 in accordance with the DICOM (Digital Imaging andCommunications in Medicine) standard used to handle, store, and transmitmedical images and associated imaging information, whereas the source20-2 produces non-DICOM secure objects, for example, pathology images.

In one embodiment, the sources 20, repository 24, and network 26 arepart of a DICOM network, which can include other networked devices (notshown), such as CT and computed radiography (CR) scanners to create andsend images, a Picture Archiving and Communication System (PACS) tohandle the archiving and distribution of images and related objects, andreporting and post-processing workstations.

The image-sharing server system 12 comprises one or more computingsystems configured to acquire information objects 22 from the enterprise14, and automatically generate and securely send links to theinformation objects to trusted users. These trusted users can use theiruser devices 16-1 to access and view the information objects 22, or,forward the automatic notification with the link to other persons, whomay use their user devices 16-2 to access and view the informationobjects 22.

In general, each user device 16 is an electronic device capable ofreceiving electronic messages and connecting to servers and otherdevices over the network 18 using, for example, a web browser program.As a representative example of the user devices 16, the user device 16-2includes a user-messaging application program 30 and a web browserprogram 32. The user-messaging application 30 can be any commerciallyavailable electronic mail program, for example, Microsoft Outlook™. Theweb browser program 32 can be any commercially available Web browser,for example Microsoft INTERNET EXPLORER®, Mozilla FIREFOX®, NETSCAPE®,Opera Software OPERA™, and Apple SAFARI®. (Currently, most computingdevices already have an installed browser when purchased from amanufacturer and deployed in the business, enterprise, or home). Nobrowser add-ons or extensions are needed for the user device 16-2 torequest and receive the information objects 22 from the image-sharingserver system 12 as described herein. Example implementations of theuser device 16-2 include, but are not limited to, electronic tablets ornotepads (e.g., iPAD™), personal computers (PC), Macintosh computers,workstations, laptop computers, kiosks, hand-held devices, such as apersonal digital assistants (PDAs), mobile smart phones (e.g., iPHONE™,BlackBerry™), navigation and global positioning systems, and networkterminals.

Embodiments of the network 18 include, but are not limited to,local-area networks (LAN), metro-area networks (MAN), and wide-areanetworks (WAN), such as the Internet or World Wide Web. Each user device16 can connect to the image-sharing server system 12 over the network 18through one of a variety of connections, such as standard telephonelines, digital subscriber line (DSL), asynchronous DSL, LAN or WAN links(e.g., T1, T3), broadband connections (Frame Relay, ATM, X.25), andwireless connections (e.g., 802.11(a), 802.11(b), 802.11(g), 802.11(n)).

In brief overview, information objects 22 pass to the image-sharingserver system 12 over the network 26. In response to receiving aninformation object 22 (e.g., image or series of images), theimage-sharing server system 12 automatically stores the informationobject 22, creates a link (e.g., a Universal Resource Locator or URL)associated with the information object 22, and generates a securemessage 34-1 that includes the link, and, typically, a health record.The image-sharing server system 12 maintains a record of each linkgenerated and the one or more secure information objects 22 associatedwith the link. Such records can reside within a database at theimage-sharing server system.

The image-sharing server system 12 sends this first secure message 34-1to a known, trusted recipient (e.g., a staff member) with, for example,an MU2 EHR (Meaningful Use Stage 2 Electronic Health Record) status. Asa result, this automated secure message 34-1 is placed completely underthe control of the receiving institution, giving the receivinginstitution administrative control (e.g., department-by-department) ofmessage routing. The known, trusted recipient may then forward the link(along with a health record conveyed by the first secure message) toothers (e.g., a clinician, referring physician, or patient that can bereached by user device 16-2) in a second secure message 34-2. The seconduser, who is the destination of the forwarded message 34-2, may have acompletely different trust relationship with the enterprise 14, theoriginator of the images, from the first user who receives the automaticnotification 34-1 based on metadata (as described in more detail).

Secure messages 34-1, 34-2 include, but are not limited to, emailmessages and instant messages. In one embodiment, the secure messages34-1, 34-2 are Direct Project (or simply Direct) messages. Directmessages are secure email-like communications containing health ormedical data, authenticated, encrypted, and transmitted to known,trusted individuals over a network in accordance with the Direct Projectspecifications provided by the Direct Project (directproject.org).

The forwarded secure message 34-2 appears in the user's secure (e.g.,MU2-compliant) inbox. When the user, by way of the user device 16-2,activates the link in the message 34-2, the activation 36 can launch theweb browser 32 installed on the user device 16-2 (if not alreadyrunning), and the web browser 32 may use a hypertext transfer protocol(HTTP, HTTPS) to request the secure information object 22 from theimage-sharing server system 12 at the location indicated by the link.

The request traverses a communication path 38 through the network 18 toarrive at the image-sharing server system 12. In response to therequest, the image-sharing server system 12 acquires the informationobjects signified by the link, such as files and images. Theimage-sharing server system 12 then transmits the information objectsover a communication path 40 to the web browser 32 running on the userdevice 16-2. In one embodiment, the image-sharing server system 12streams the acquired images over the communication path 40 to the webbrowser 32 running on the user device 16-2.

Various security processes can secure the URL link used to view images,including, but not limited to, encrypting the communications over thepath 40 using SSL and TLS, short-term expiration of the URL to avoidinterception and reuse, and single-sign-on federated authentication andauthentication challenge (e.g. password or token such as OAuth token)prior to serving information via the URL. The same or similar securityprocesses may be used to secure the streaming of the images to therequesting user device 16.

FIG. 2 shows an embodiment of the image-sharing server system 12comprised of a core services module 50, a secure messaging module 52, animage repository 54, and a Web communication module 56. The distributionof the links, as described herein, occurs in near real time; theimage-sharing server system 12 operates to distribute secure emailmessages, containing links to images, to known, authorized recipients asthose images arrive at the image-sharing server system 12.

The core services module 50 includes a manager component 58 configuredto receive information objects 22 (e.g., DICOM and non-DICOM imagingstudies) from a source 20, and an image-processing module 60 configuredto process and prepare images for streaming (e.g., according toJPEG2000), and to store such images in the image repository 54.

The secure messaging module 52 is in communication with a lookup table62 that contains a mapping of metadata to secure email addresses. Thelookup table 62 is an embodiment of a means for mapping metadata tosecure email addresses to trusted recipients. Other embodiments of suchmeans for mapping include, but not limited to, hash tables, linkedlists, and search trees.

In one embodiment the lookup table 62 maps AE (application entity)titles to email addresses. According to the DICOM standard, every nodeor device in a DICOM network has an AE title, that is, a name used toidentify a DICOM service on the node or device. Different AE titles canbe used for each DICOM operation. Received DICOM information objectsinclude metadata, such as an AE title associated with the DICOMinformation object. Similar to the AE titles of DICOM informationobjects, non-DICOM information objects can have identifying metadatathat the lookup table 62 can map to secure email addresses.

The secure messaging module 52 is also in communication with a secureemail gateway 66, and is configured to generate a link (e.g., a URL) fora given object and send the link to this secure email gateway 66 in asecure email. In one embodiment, the secure messaging module 52 isconfigured to operate in accordance with the Direct projectspecifications. When working with non-DICOM information objects, theimage-sharing server system 12 operates generally as an adapter from anynon-DICOM protocol to a Direct or Direct-like communications protocol.

The Web viewing module 56 is configured to stream images to user devices16 in response to requests received over the network 18.

FIG. 3 shows an embodiment of a process 100 for securely distributingstudies and images to known, trusted personnel. In this description ofthe process 100, reference is also made to elements of FIG. 1 and FIG.2. At step 102, the manager component 58 receives an information object22 (e.g., a DICOM or non-DICOM study, image, or series of images) froman authorized source 20. The processor 64 directs the image-processingmodule 60 to acquire (step 104) the information objects 22 from themanager component 58. The image-processing module 60 processes andprepares each information object 22 for streaming, and stores the resultin the image repository 54.

The processor 64 directs the secure messaging module 52 to obtainmetadata (e.g., an AE title) from the received information object 22,and to use the lookup table 62 to map (step 106) the metadata to anauthorized recipient's (e.g., Direct) secure email address. The securemessaging module 52 also generates (step 108) a URL (i.e., a link) foraccessing the particular information object 22 stored in the imagerepository 54 and an email message with the URL, and sends the emailmessage to the secure message gateway 66. The secure message gateway 66sends (step 110) the secure email message 34-1 containing the URL to theauthorized recipient's email address.

In this example, the authorized recipient uses the user device 16-1 toreceive and forward the secure email message 34-1 to the secure emailaddress of another recipient. This second secure email message 34-2contains the link and, usually, a protected resource, such as a healthrecord. Alternatively, or in addition, the authorized recipient canactivate the link in the first secure email message 34-1 to receive theinformation object 22 from the image-sharing server system 12.

The user device 16-2 of the second recipient receives and opens theforwarded secure email message 34-2 with the link using the client-sideuser-messaging program 30. When the second recipient activates (step112) the link in the secure email message 34-2, the web browser 32launches (if not already open) and sends (step 114) a request 38 to thecore services module 50 of the image-sharing server system 12. Inresponse to the request 38, the processor 64 directs theimage-processing module 60 to acquire and return, for example, the imageor images associated with the link from the image repository 54. Theprocessor 64 then directs the Web viewing module 56 to stream (step 116)the image or series of images to the user device 14. The user views(step 118) the image within the browser 22 running on the device 14.

As will be appreciated by one skilled in the art, aspects of the presentinvention may be embodied as a system, method, and computer programproduct. Thus, aspects of the present invention may be embodied entirelyin hardware, entirely in software (including, but not limited to,firmware, program code, resident software, microcode), or in acombination of hardware and software. All such embodiments may generallybe referred to herein as a circuit, a module, or a system. In addition,aspects of the present invention may be in the form of a computerprogram product embodied in one or more computer readable media havingcomputer readable program code embodied thereon.

Any combination of one or more computer readable medium(s) may beutilized. The computer readable medium may be a computer readable signalmedium or a computer readable storage medium. The computer readablemedium may be a non-transitory computer readable storage medium,examples of which include, but are not limited to, an electronic,magnetic, optical, electromagnetic, infrared, or semiconductor system,apparatus, or device, or any suitable combination thereof.

As used herein, a computer readable storage medium may be any tangiblemedium that can contain or store a program for use by or in connectionwith an instruction execution system, apparatus, device, computer,computing system, computer system, or any programmable machine or devicethat inputs, processes, and outputs instructions, commands, or data. Anon-exhaustive list of specific examples of a computer readable storagemedium include an electrical connection having one or more wires, aportable computer diskette, a floppy disk, a hard disk, a random accessmemory (RAM), a read-only memory (ROM), a USB flash drive, annon-volatile RAM (NVRAM or NOVRAM), an erasable programmable read-onlymemory (EPROM or Flash memory), a flash memory card, an electricallyerasable programmable read-only memory (EEPROM), an optical fiber, aportable compact disc read-only memory (CD-ROM), a DVD-ROM, an opticalstorage device, a magnetic storage device, or any suitable combinationthereof.

A computer readable signal medium may include a propagated data signalwith computer readable program code embodied therein, for example, inbaseband or as part of a carrier wave. Such a propagated signal may takeany of a variety of forms, including, but not limited to,electro-magnetic, optical, or any suitable combination thereof. Acomputer readable signal medium may be any computer readable medium thatis not a computer readable storage medium and that can communicate,propagate, or transport a program for use by or in connection with aninstruction execution system, apparatus, or device. As used herein, acomputer readable storage medium is not a computer readable signalmedium or a propagated signal.

Program code may be embodied as computer-readable instructions stored onor in a computer readable storage medium as, for example, source code,object code, interpretive code, executable code, or combinationsthereof. Any standard or proprietary, programming or interpretivelanguage can be used to produce the computer-executable instructions.Examples of such languages include C, C++, Pascal, JAVA, BASIC,Smalltalk, Visual Basic, and Visual C++.

Transmission of program code embodied on a computer readable medium canoccur using any appropriate medium including, but not limited to,wireless, wired, optical fiber cable, radio frequency (RF), or anysuitable combination thereof.

The program code may execute entirely on a user's computer, partly onthe user's computer, as a stand-alone software package, partly on theuser's computer and partly on a remote computer or entirely on a remotecomputer or server. Any such remote computer may be connected to theuser's computer through any type of network, including a local areanetwork (LAN) or a wide area network (WAN), or the connection may bemade to an external computer (for example, through the Internet using anInternet Service Provider).

In addition, the described methods may be implemented on animage-processing device, or the like, or on a separate programmedgeneral-purpose computer having image processing capabilities.Additionally, the methods of this invention can be implemented on aspecial purpose computer, a programmed microprocessor or microcontrollerand peripheral integrated circuit element(s), an ASIC or otherintegrated circuit, a digital signal processor, a hard-wired electronicor logic circuit such as discrete element circuit, a programmable logicdevice such as PLD, PLA, FPGA, PAL, or the like. In general, any devicecapable of implementing a state machine that is in turn capable ofimplementing the proposed methods herein can be used to implement theimage-processing system according to this invention.

Furthermore, the disclosed methods may be readily implemented insoftware using object or object-oriented software developmentenvironments that provide portable source code that can be used on avariety of computer or workstation platforms. Alternatively, thedisclosed system may be implemented partially or fully in hardware usingstandard logic circuits or a VLSI design. Whether software or hardwareis used to implement the systems in accordance with this invention isdependent on the speed and/or efficiency requirements of the system, theparticular function, and the particular software or hardware systems ormicroprocessor or microcomputer systems being utilized. The methodsillustrated herein however can be readily implemented in hardware and/orsoftware using any known or later developed systems or structures,devices and/or software by those of ordinary skill in the applicable artfrom the functional description provided herein and with a general basicknowledge of the computer and image processing arts.

Moreover, the disclosed methods may be readily implemented in softwareexecuted on programmed general-purpose computer, a special purposecomputer, a microprocessor, or the like. In these instances, the systemsand methods of this invention can be implemented as program embedded onpersonal computer such as JAVA® or CGI script, as a resource residing ona server or graphics workstation, as a plug-in, or the like. The systemcan also be implemented by physically incorporating the system andmethod into a software and/or hardware system, such as the hardware andsoftware systems of an image processor.

What is claimed is:
 1. A server system for securely distributinginformation, the server system comprising: a network interface and imagesharing server receiving, over a network, an information objectaccompanied by metadata, the metadata indentifying one or more trustedrecipients; a repository, in communication with the image sharingserver, storing the information object; computer instructions that mapthe metadata to one or more electronic addresses of the one or moretrusted recipients; a processor configured to generate a link foraccessing the information object stored in the repository, and toacquire the one or more electronic addresses of the trusted recipientsfrom the lookup table based on the metadata accompanying the receivedinformation object; the processor in conjunction with a secure messagingmodule inserting the link into an electronic message addressed to theone or more electronic addresses of the trusted recipients, and sendingthe electronic message, using a secure email gateway, with the link, tothe one or more electronic addresses of the trusted recipients, theelectronic message being secure and sent with a MU2 EHR status includingadministrative control, wherein the link in the electronic message isselected by a user to access the information object via a web browser;the image sharing sever: receiving in response to the selection of thelink, a request for the information object based on the link in theelectronic message, acquiring the information object signified by link,and providing the information object over a communications path fordisplay on a web browser, wherein the providing of the informationobject over the communications path occurs over a different pathway orchannel than the electronic message.
 2. The server system of claim 1,wherein the processor is further configured to generate the link andsend the electronic message with the link automatically in response tothe network interface receiving the information object accompanied bythe metadata.
 3. The server system of claim 1, wherein the processor isfurther configured to: receive, over a second network, a request for theinformation object sent from a user device in response to an activationof the link; retrieve the information object from the repository; andtransmit the information object to a browser of the user device over thesecond network.
 4. The server system of claim 3, wherein the processoris further configured to transmit a series of information objects inresponse to the request prompted by the activation of the link.
 5. Theserver system of claim 1, wherein the information object is an image ora study.
 6. The server system of claim 1, wherein the electronic messageis a Direct Project (Direct) secure email message.
 7. The server systemof claim 1, wherein the network includes a Digital ImagingCommunications in Medicine (DICOM) network.
 8. The server system ofclaim 1, wherein the metadata accompanying the information objectincludes an application entity (AE) title.
 9. A method of securelydistributing information, the method comprising: receiving, over anetwork, an information object accompanied by metadata, the metadataindentifying a trusted recipient; storing the information object in arepository; generating a link for accessing the information objectstored in the repository; mapping the metadata accompanying theinformation object to an electronic address of the trusted recipient;inserting the link into a secure electronic message addressed to theelectronic address of the trusted recipient; sending the secureelectronic message, using a secure email gateway, with the link to theelectronic address of the trusted recipient, the electronic messagebeing secure and sent with a MU2 EHR status including administrativecontrol, wherein the link in the electronic message is selectable by auser to access the information object via a web browser, receiving, inresponse to the selection of the link , a request for the informationobject based on the link in the electronic message; acquiring theinformation object signified by the link; providing the informationobject over a communacations path for display on a web browser, whereinthe providing of the information object over the communacations pathoccurs over a different pathway or channel than the electronic message.10. The method claim 9, wherein the generating of the link and sendingof the secure electronic message with the link occurs automatically inresponse to the receiving of the information object accompanied by themetadata.
 11. The method claim 9, further comprising: receiving, over asecond network, a request for the information object sent from a userdevice in response to an activation of the link; retrieving theinformation object from the repository; and transmitting the informationobject to a browser of the user device over the second network.
 12. Themethod of claim 11, further comprising transmitting a series ofinformation objects in response to the request prompted by theactivation of the link.
 13. The method of claim 9, wherein theinformation object is an image or a study.
 14. The method of claim 9,wherein the electronic message is Direct Project (Direct) secure emailmessage.
 15. The method of claim 9, wherein the network includes aDigital Imaging Communications in Medicine (DICOM) network.
 16. Themethod of claim 9, wherein the metadata accompanying the informationobject includes an application entity (AE) title.
 17. The method ofclaim 9, further comprising: receiving the electronic message at a firstuser device; and forwarding the link to another recipient in a secondsecure electronic message.
 18. A non-transitory information storagemedia having stored thereon instructions, that when executed by one ormore processors cause to be performed a method for distributinginformation comprising: receiving over a network ,an information objectaccompanied by metadata, the metadata identifying a trusted recipient;storing the information object in a repository; generating a link foraccessing the information object stored in the repository, mapping themetadata accompanying the information object to an electronic address ofthe trusted recipient; inserting the link into a secure electronicmessage addressed to the electronic address of the trusted recipient,sending the secure electronic message, using a secure email gateway,with the link to the electronic address of the trusted recipient, theelectronic message being secure and sent with a MU2 EHR status includingadministrative control, wherein the link in the electronic message isselectable by a user to access the information object via web browser,receiving, in response to the selection of the link, a request for theinformation object based on the link in the electronic message,acquiring the information object signified by the link; providing theinformation object over a communication path for display on a webbrowser, wherein the providing of the information object over thecommunications path occurs over a different pathway or channel than theelectronic message.
 19. The media of claim 18, further comprisingwherein the computer readable program code that, if executed, generatesthe link and the computer readable program code that, if executed, sendsthe secure electronic message with the link execute automatically inresponse to receipt of the information object accompanied by themetadata.
 20. The media of claim 18, further comprising: receiving, overa second network,a request for the information object sent from a userdevice in response to an activation of the link; retrieving theinformation object from the repository; and transmitting the informationobject to a browser of the user device over the second network.
 21. Themedia of claim 20, further comprising transmitting a series ofinformation objects in response to the request prompted by theactivation of the link.
 22. The media of claim 18, wherein theinformation object is an image or a study.
 23. The media of claim 18,wherein the electronic message is Direct Project (Direct) secure emailmessage.
 24. The media of claim 18, wherein the network includes aDigital Imaging Communications in Medicine (DICOM) network.
 25. Themedia of claim 18, wherein the metadata accompanying the informationobject includes an application entity (AE) title.
 26. The media of claim18, further comprising: receiving the electronic message at a first userdevice; and forwarding the link to another recipient in a second secureelectronic message.